× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. RPG400-L
  3. October 2001

Re: Record level security

I had another thought -- as of (I think) V5R1 there's a READ trigger, but
unfortunately it's only allowed AFTER the read has occurred. Even if
allowed, you'd still have the problem of determining who's requesting the
data.

Afaik you're right about the DDM files. With ODBC, I the server job swaps to
the user profile it's currently servicing, but it still uses QUSER when
obtaining the object lock.  Maybe a couple of exit programs?

hth,
Peter Dow
Dow Software Services, Inc.
909 425-0194 voice
909 425-0196 fax



----- Original Message -----
From: "Bartell, Aaron L. (TC)" <ALBartell@taylorcorp.com>
To: <rpg400-l@midrange.com>
Sent: Tuesday, October 30, 2001 3:44 PM
Subject: RE: Record level security


> Here is my problem with that though.  These 40 companies are going to be
> accessing the files via DDM and ODBC connections.  DDM over SNA user QUSER
> as the profile so how could I limit who has access to what?  I believe
ODBC
> connections would be doing the same thing, using QUSER as the profile once
> the program accessing the file has signed on.
>
> Let me know if I am wrong about this,
> Aaron Bartell
>
> -----Original Message-----
> From: Peter Dow [mailto:pcdow@yahoo.com]
> Sent: Tuesday, October 30, 2001 5:22 PM
> To: rpg400-l@midrange.com
> Subject: Re: Record level security
>
>
> Hi Aaron,
>
> My solution is more of a Midrange-L topic -- create 40 logical files (one
> for each company) with select criteria to limit the records to each
company,
> then restrict access to the physical and the logicals.
>
> hth,
> Peter Dow
> Dow Software Services, Inc.
> 909 425-0194 voice
> 909 425-0196 fax
>
> From: "Bartell, Aaron L. (TC)" <ALBartell@taylorcorp.com>
> To: <rpg400-l@midrange.com>; <ign_list@ignite400.org>
> Sent: Tuesday, October 30, 2001 2:21 PM
> Subject: Record level security
>
>
> > Hi All,
> >
> > My company has a corporate AS/400 that stores orders that we pass back
and
> > forth between about 40 different companies.  The orders have sensitive
> info
> > like credit card numbers and such that shouldn't be viewed by all of the
> 40
> > companies.  In this scenario each of the 40 companies has their own IT
> staff
> > that writes query tools to view the data on the corporate machine.  Is
> there
> > a way for me to restrict access so they can only see orders they are
> allowed
> > to see at a system level? (i.e. They can only see orders where they are
> the
> > sender or receiver)
>
>
>
> _________________________________________________________
> Do You Yahoo!?
> Get your free @yahoo.com address at http://mail.yahoo.com
>
> _______________________________________________
> This is the RPG programming on the AS400 / iSeries (RPG400-L) mailing list
> To post a message email: RPG400-L@midrange.com
> To subscribe, unsubscribe, or change list options,
> visit: http://lists.midrange.com/cgi-bin/listinfo/rpg400-l
> or email: RPG400-L-request@midrange.com
> Before posting, please take a moment to review the archives
> at http://archive.midrange.com/rpg400-l.
> _______________________________________________
> This is the RPG programming on the AS400 / iSeries (RPG400-L) mailing list
> To post a message email: RPG400-L@midrange.com
> To subscribe, unsubscribe, or change list options,
> visit: http://lists.midrange.com/cgi-bin/listinfo/rpg400-l
> or email: RPG400-L-request@midrange.com
> Before posting, please take a moment to review the archives
> at http://archive.midrange.com/rpg400-l.


_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.